Google essentially got slapped in the face when Epic Games, the developer of the super popular Fortnite, decided not to make the game available through the Play Store, but via its own app.

Google warned Epic that doing so could potentially put Android users at greater security risk, but the game developer brushed it off, insisting on going it alone for several reasons — including not having to give Google a cut in-app revenue and “embracing open platforms.”

Well, now the worst has happened. Despite having no obligation to do so, Google recently discovered an exploit within the Fortnite installer app that allowed malicious apps installed on one’s Android phone to hijack the download process so that instead of downloading the game from Epic’s server, it could download and install something entirely different, which could potentially leave the device open to attacks.

SEE ALSO: What You Should Know About ‘Fortnite’ Addiction

Here’s a quick run-down of what happened:

Google first discovered the vulnerability inside of the Fortnite installer app on Aug. 15 and immediately notified Epic. Details for the exploit weren’t public yet. Within 48 hours, Epic patched the Fortnite installer and deployed it to all Android users who installed the app. 

Here’s where things get a little ugly. Even though Epic quickly released a patch for the installer app, it asked Google not to disclose the details of the exploit until after 90 days. Not only would there be more time for users to update their installer apps, but hackers also wouldn’t be able to take advantage of the bug.

However, Google’s bug disclosure guidelines explicitly states the following:

“This bug is subject to a 90-day disclosure deadline. After 90 days elapse or a patch has been made broadly available, the bug report – including any comments and attachments – will become visible to the public.”

Despite Epic’s request for Google to wait the full 90 days before disclosing the exploit, Google abided by its own guidelines and shared the details.

Per Google’s Issue Tracker thread on the bug report:

“…now the patched version of Fortnite Installer has been available for 7 days we will proceed to unrestrict this issue in line with Google’s standard disclosure practices”.

Naturally, the Fortnite developer wasn’t happy about Google’s decision at all. Epic provided Mashable the following comment from CEO Tim Sweeney:

“Epic genuinely appreciated Google’s effort to perform an in-depth security audit of Fortnite immediately following our release on Android, and share the results with Epic so we could speedily issue an update to fix the flaw they discovered.

However, it was irresponsible of Google to publicly disclose the technical details of the flaw so quickly, while many installations had not yet been updated and were still vulnerable.

An Epic security engineer, at my urging, requested Google delay public disclosure for the typical 90 days to allow time for the update to be more widely installed. Google refused. You can read it all at https://issuetracker.google.com/issues/112630336

Google’s security analysis efforts are appreciated and benefit the Android platform, however a company as powerful as Google should practice more responsible disclosure timing than this, and not endanger users in the course of its counter-PR efforts against Epic’s distribution of Fortnite outside of Google Play.”

Ultimately, who’s in the right and who’s in the wrong? Honestly, neither company is. 

Google is right that Epic’s decision to not release Fortnite through the Play Store leaves the app more vulnerable. As my colleague, Mashable tech reporter Matt Binder, previously made clear: Android users need to disable certain Android security permissions in order to install Fortnite and there’s no guarantee they’ll remember to turn them back on after doing so.

Maybe Google really is butt-hurt that it’s not getting any revenue from the massively popular game (apps listed on Google Play pay a share of their sales to Google). However, because of the game’s popularity, the Android gatekeeper still has a responsibility to ensure that users are safe. Otherwise, the entire platform could end up with an even worse reputation because of third-party developers.

That said, Epic is also right because if Google truly cares about protecting its users first and foremost, it should have been more flexible on its bug disclosure deadline so as to not tip off hackers so quickly.

Following Sweeney’s statement, Google had only this to say in response to Mashable’s request for comment: “User security is our top priority, and as part of our proactive monitoring for malware we identified a vulnerability in the Fortnite installer. We immediately notified Epic Games and they fixed the issue.”

The disagreements between Google and Epic should not be overlooked. Google may wish to have nothing to do with Fortnite after being shunned by Epic Games, but their paths will inevitably cross because of the Android platform.

It’s possible Google will discover vulnerabilities in future versions of the Fortnite installerm or even other app installers from other companies that decide to follow in Epic’s footsteps and not offer their apps in the Play Store. Will Google have to monitor and perform security audits on all of those as well in order to protect Android users? Hard to say, but it’s sure gonna be interesting to watch from the sidelines.

If anyone’s laughing at this turn of events, it’s Apple. The company’s closed platform means all apps must be released through the App Store. By not allowing apps to be officially released in any other way, Apple has guarded itself against the issue Google’s now facing. 

Google essentially got slapped in the face when Epic Games, the developer of the super popular Fortnite, decided not to make the game available through the Play Store, but via its own app.

Google warned Epic that doing so could potentially put Android users at greater security risk, but the game developer brushed it off, insisting on going it alone for several reasons — including not having to give Google a cut in-app revenue and “embracing open platforms.”

Well, now the worst has happened. Despite having no obligation to do so, Google recently discovered an exploit within the Fortnite installer app that allowed malicious apps installed on one’s Android phone to hijack the download process so that instead of downloading the game from Epic’s server, it could download and install something entirely different, which could potentially leave the device open to attacks.

SEE ALSO: What You Should Know About ‘Fortnite’ Addiction

Here’s a quick run-down of what happened:

Google first discovered the vulnerability inside of the Fortnite installer app on Aug. 15 and immediately notified Epic. Details for the exploit weren’t public yet. Within 48 hours, Epic patched the Fortnite installer and deployed it to all Android users who installed the app. 

Here’s where things get a little ugly. Even though Epic quickly released a patch for the installer app, it asked Google not to disclose the details of the exploit until after 90 days. Not only would there be more time for users to update their installer apps, but hackers also wouldn’t be able to take advantage of the bug.

However, Google’s bug disclosure guidelines explicitly states the following:

“This bug is subject to a 90-day disclosure deadline. After 90 days elapse or a patch has been made broadly available, the bug report – including any comments and attachments – will become visible to the public.”

Despite Epic’s request for Google to wait the full 90 days before disclosing the exploit, Google abided by its own guidelines and shared the details.

Per Google’s Issue Tracker thread on the bug report:

“…now the patched version of Fortnite Installer has been available for 7 days we will proceed to unrestrict this issue in line with Google’s standard disclosure practices”.

Naturally, the Fortnite developer wasn’t happy about Google’s decision at all. Epic provided Mashable the following comment from CEO Tim Sweeney:

“Epic genuinely appreciated Google’s effort to perform an in-depth security audit of Fortnite immediately following our release on Android, and share the results with Epic so we could speedily issue an update to fix the flaw they discovered.

However, it was irresponsible of Google to publicly disclose the technical details of the flaw so quickly, while many installations had not yet been updated and were still vulnerable.

An Epic security engineer, at my urging, requested Google delay public disclosure for the typical 90 days to allow time for the update to be more widely installed. Google refused. You can read it all at https://issuetracker.google.com/issues/112630336

Google’s security analysis efforts are appreciated and benefit the Android platform, however a company as powerful as Google should practice more responsible disclosure timing than this, and not endanger users in the course of its counter-PR efforts against Epic’s distribution of Fortnite outside of Google Play.”

Ultimately, who’s in the right and who’s in the wrong? Honestly, neither company is. 

Google is right that Epic’s decision to not release Fortnite through the Play Store leaves the app more vulnerable. As my colleague, Mashable tech reporter Matt Binder, previously made clear: Android users need to disable certain Android security permissions in order to install Fortnite and there’s no guarantee they’ll remember to turn them back on after doing so.

Maybe Google really is butt-hurt that it’s not getting any revenue from the massively popular game (apps listed on Google Play pay a share of their sales to Google). However, because of the game’s popularity, the Android gatekeeper still has a responsibility to ensure that users are safe. Otherwise, the entire platform could end up with an even worse reputation because of third-party developers.

That said, Epic is also right because if Google truly cares about protecting its users first and foremost, it should have been more flexible on its bug disclosure deadline so as to not tip off hackers so quickly.

Following Sweeney’s statement, Google had only this to say in response to Mashable’s request for comment: “User security is our top priority, and as part of our proactive monitoring for malware we identified a vulnerability in the Fortnite installer. We immediately notified Epic Games and they fixed the issue.”

The disagreements between Google and Epic should not be overlooked. Google may wish to have nothing to do with Fortnite after being shunned by Epic Games, but their paths will inevitably cross because of the Android platform.

It’s possible Google will discover vulnerabilities in future versions of the Fortnite installerm or even other app installers from other companies that decide to follow in Epic’s footsteps and not offer their apps in the Play Store. Will Google have to monitor and perform security audits on all of those as well in order to protect Android users? Hard to say, but it’s sure gonna be interesting to watch from the sidelines.

If anyone’s laughing at this turn of events, it’s Apple. The company’s closed platform means all apps must be released through the App Store. By not allowing apps to be officially released in any other way, Apple has guarded itself against the issue Google’s now facing. 

Walt Disney World might now be a place where the workers’ dreams really do come true. After months of negotiations, the theme park and resort struck a deal with six unions to start paying employees $15 per hour by 2021, according to the Orlando Sentinel. 

The deal still awaits union members’ approval, but it would slowly increase the hourly minimum wage for Disney World staff from $10 to $15 by October 2021. Nationwide advocates of a $15 hourly wage often refer to that pay as a “living wage.”  

SEE ALSO: Disney hops on the straw ban(dwagon)

UNITE HERE Central Florida, a union that represents staff with Walt Disney World Food & Beverage and Housekeeping, called the raise “historic” in a Facebook post published Friday. In addition, workers will receive a previously scheduled $1,000 bonus that had been put on hold during negotiations. 

The deal will affect 38,000 employees that belong to six different unions. Though Disney World originally wanted concessions on union rights, the agreement doesn’t include those demands. 

“These Union raises will be life-changing for the women and men who welcome millions of tourists to Walt Disney World,” Matt Hollis, president of the Service Trades Council Union, said in a statement. “Now money tourists spend here in Central Florida will stay here, pumping hundreds of millions of dollars into local small businesses.” 

The Economic Policy Institute, a nonpartisan think tank, estimates that full-time, year-round workers who receive $15 an hour will earn $3,500 more a year. It also argues that a single, childless adult will need to earn $15 an hour by 2024 in order to “achieve a modest but adequate standard of living.” 

Mistakes happen. But on the iPhone, they can be undone very easily.

While the Mac has Command-Z, the iPhone has its own unique way of fixing mistakes: Shake to Undo. Shaking your device to go back or undo a mistake has been around since 2009 and iOS 3 (called iPhone OS back then). And it’s one of the most overlooked features on iOS.

Rather than a system-wide button or symbol for undo on iOS, you just shake your phone. For most iPhone users it’s a forgotten feature, but writer John Gruber recently gave it newfound attention with a thoughtful analysis and the revelation that it was actually originally conceived as a joke.

In any case, it’s a useful reminder that the feature exists: When you want to undo something on your iPhone, just shake the darn thing.

SEE ALSO: Apple cleans up Exchange syncing issues with iOS 11.4.1

Shake to Undo is turned on by default. You can turn it off under Settings>General>Accessibility, but be warned: There is no other undo function for iOS. Select apps may have an undo button (usually with a counterclockwise-pointing arrow), but the line stops there. 

In iOS 11 on the iPad, Apple introduced undo and redo arrows for the keyboard but didn’t take it farther or expand it to the iPhone. Last year’s software update also brought native drag and drop, and since then I’ve been using this feature even more. 

With Shake to Undo turned on, iOS users can quickly fix mistakes. Amongst my friends, I have my own unique language that swaps out understandability for laugh-ability. One particularly horrific autocorrect was when iOS changed necklace to “neck ass” — luckily, Shake to Undo was there to fix it.

While I do use Shake to Undo quite a bit, there is always the question of whether I should, as it’s just to easy to slam on the backspace key. You might be someone who gets the undo pop-up by accident on a frequent basis, and that can be a nuisance.

I am a frequent user of Shake to Undo on my iPhone, whether it be for texts, accidentally deleting an email, or moving a photo to the wrong spot. It is a universal way to fix something, something that Windows Phone didn’t have, and Android still doesn’t have. 

So if you forget, just give your iPhone or iPad a shake. It just might make you fall in love with this aging gesture.

Way back in 2015, before he was firing everyone from his golden toilet in the White House, Donald Trump just wanted a photo with Sia.

In a Rolling Stone profile published Friday, the singer recalled how Trump politely took it in stride when she declined to take a photo together after they both appeared on Saturday Night Live. But the funniest part? Sia said she had “crazy diarrhea” after the encounter. 

SEE ALSO: Why Trump’s EPA wants to kill the nation’s most ambitious climate change plan

Sia was walking back to her dressing room when Trump, who was hosting that night’s SNL, spotted her and asked for a photo together.

“We’ve got to get a photo!” Sia recalled Trump saying. His daughter Ivanka was reportedly with the future president and ready to snap a pic, but Sia refused his request. 

The singer said she worried about the potential outrage that would come if she was seen with Trump. “Actually, do you mind if we don’t? I have a lot of queer and Mexican fans, and I don’t want them to think that I support your views,” she recalled telling Trump.

Seemingly not offended, Trump brushed it off and didn’t appear angry or upset. “Oh, no problem. Then don’t,” he said in Sia’s account.

“It was as if he viewed me as protecting my brand,” she added. That’s when this story’s twist happened.

“I was like, ‘Thank you so much,’” Sia told Rolling Stone, before adding, “and then I went into my dressing room and had crazy diarrhea.”

While you might be LOLing at the meeting, as the Huffington Post’s follow-up report notes, it’s not the only time the Australian pop star ever took a serious dump after being in stressful situation.

In December 2017, she tweeted to her fans how she suffered from similar symptoms after bad weather conditions screwed up a flight, and then a blown tire during a 13-hour drive “has given me crazy diarrhea.”

The question now is, will Trump fire back? Shade her on Twitter? We all know how easily irritated the 45th President of the United States gets whenever anyone says anything remotely bad about him.